-
Deleting your browser history could land you up in prison for 20 years in United States

Clearing your browsing history is a crime in United States according to the Sarbanes-Oxley Act of 2002

A recent article published in The Nation revealed the improper use by federal prosecutors of a law meant for completely different purposes. The Sarbanes-Oxley Act of 2002 was meant to provide authorities with tools to prevent criminal behavior by corporations. It was put into practice after the Enron meltdown, when it was found out that executives or their servants following orders tore into shreds every document they could think of which may prove them guilty. The legislation’s goal was to stop companies from committing large fraud and then damaging the evidence of their conspiratorial criminality while investigations were under way.

The appropriate section of Sarbanes-Oxley reads as follows:

Whoever knowingly alters, destroys, mutilates, conceals, covers up, falsifies, or makes a false entry in any record, document, or tangible object with the intent to impede, obstruct, or influence the investigation or proper administration of any matter within the jurisdiction of any department or agency of the United States or any case filed under title 11, or in relation to or contemplation of any such matter or case, shall be fined under this title, imprisoned not more than 20 years, or both.

Khairullozhon Matanov, a friend of the Tsarnaev brothers, the Boston Marathon bombers, was interviewed by the federal authorities about his association with them. However, the federal authorities never accused him of any activity linked to the bombing, nor have they said that he had knowledge of their plans or felt for them. During the interviews, he did however perpetrate a few small lies, of which none had any actual relation to the case. For instance, he lied about the last time he had prayed together with Tamerlan Tsarnaev.

On those grounds, … they charged him with four counts of obstruction of justice. There were three counts for making false statements based on the aforementioned lies and—remarkably—one count for destroying “any record, document or tangible object” with intent to obstruct a federal investigation. This last charge was for deleting videos on his computer that may have demonstrated his own terrorist sympathies and for clearing his browser history.

Based on the records section of Sarbanes-Oxley mentioned above, the last charge was applied. The law meant to stop and punish corporate wrongdoing is instead used as a hammer against a private citizen to a great extent. Some people may feel that any possible application of a law is tolerable, especially in the continual war on terror. However, if that law is ever used against them, they might end up feeling differently about it.

The most unpleasant or offensive part of this is that it is being used to punish “pre-crimes.” When Matanov deleted his browser history, he had not been accused of anything and was not aware that he was under a formal inquiry. His crime was not predicting that federal agents may someday make a decision to examine him, and thus failing to maintain any potentially self-incriminating evidence.

As Hanni Fakhoury of the Electronic Frontier Foundation put it, the government is saying: “Don’t even think about deleting anything that may be harmful to you, because we may come after you at some point in the future for some unforeseen reason and we want to be able to have access to that data. And if we don’t have access to that data, we’re going to slap an obstruction charge that has a 20-year maximum on you.”

The article in The Nation shows that this is not a remote and unfair use of Sarbanes-Oxley, discussing many other similar cases. Traders and bankers danced away with multi-million dollar bonuses after their criminally reckless maneuvering almost put an end to the global economy. Their companies paid fines that are not worth considering for market manipulations and criminal money laundering. Until now, none of them have gone to jail and none of them have been sued under Sarbanes-Oxley. However, it is a different rule of law for an undistinguished or average citizen.

As more and more data are stored online, the government wants and believes it has the right to access that data for policing purposes. But Fakhoury disagrees. “The idea that you have to create a record of where you’ve gone or open all your cupboards all the time and leave your front door unlocked and available for law enforcement inspection at any time is not the country we have established for ourselves more than 200 years ago.”

This law has been on the books for thirteen years now. It has not managed to control the corporate wrongdoing, but it is proving to have a negative effect on citizens who have never swindled a shareholder in their lives. Combined with federal investigations through our online communications and their efforts to break secure encryption in our data storage, they want us to completely give up our personal freedom of thought and privacy.

Source: Deleting your browser history could land you up in prison for 20 years in United States
-
'Browsing should be private' says NSA overlord

Black Hat Barack has issued a Memorandum – an executive order in all but name, and an instrument the president has used more than any of his predecessors – to all Federal website sysadmins, informing them to deprecate HTTP and roll on with HTTPS.

The HTTPS-Only Standard was proposed by the US' Chief Information Officer Tony Scott, formerly of VMware. Though the standard has been criticised by a database admin at NASA as a "top-down solution", it has also been described as a "great first step" by the American Civil Liberties Union.

The Memorandum [PDF] itself states that "all browsing activity should be considered private and sensitive". The standard is intended to eliminate "inconsistent, subjective determinations across agencies regarding which content or browsing activity is sensitive in nature", Tony Scott said.

Source
-
So many hacks, so few days in the week to write alarming stories about every one. Every weekend, WIRED Security rounds up the security vulnerabilities and privacy updates that didn’t quite rise to our level for in-depth reporting this week, but deserve your attention nonetheless.

First the big stories: The FBI has a secret fleet of planes spying on you, and they are not alone. United Airlines grounded all its planes on Monday because false flight plans were being uploaded to the flight decks. The US Senate finally passed some NSA surveillance reform in the form of the USA Freedom Act–the first of its kind since Edward Snowden revealed the extent of the Big Brother nightmare that is domestic counter-terrorism in the 21st century. Facebook decided that revealing your location in Messenger isn’t a bug; it’s a feature! A feature you can now, thankfully, opt out of. And our own Andy Greenberg demonstrated that the front lines of the gun control debate are moving closer to home, as it’s now incredibly easy to build your own untraceable guns.

But there was a lot of other news this week, summarized below. To read the full story linked in each post, click on the headlines. And be safe out there!

—Emily Dreyfuss

Chinese Hackers Access Four Million Federal Workers’ Payroll Data

Another month, another massive breach of a federal agency revealed. Hackers based in China accessed the records of four million federal workers when they hacked the Office of Payroll Management (OPM) in an attack first discovered in April. Despite the agency’s focus on payroll, it’s not clear if any data was stolen that could lead to financial fraud; no direct deposit information was accessed, according to the Washington Post. Instead, the attackers may have been seeking data useful for identifying government staffers with security clearances, potentially to target them in future “spear phishing” attacks. The Department of Homeland Security has taken credit for identifying the attack with its EINSTEIN intrusion detection system. But critics are questioning why that years-in-development system couldn’t have caught the attack earlier. The Chinese government, per usual, has denied any involvement. The OPM intrusion marks the second major federal breach revealed this year, following news that Russian hackers accessed unclassified White House networks as well as those of the State Department.

— Andy Greenberg

California Senate Passes Bill Requiring Warrants To Search Electronic Devices

Another small victory for opponents of the all-pervasive morass of electronic surveillance, at least in one state: the California senate unanimously passed the California Electronic Communications Privacy Act, a bill requiring law enforcement to obtain a search warrant or wiretap order prior to searching smartphones, laptops, or electronic devices, or accessing information stored on remote servers. The bill will be heard by the State Assembly this summer.

— Yael Grauer

Skype Bug Broke App on Android, iOS and Windows

It only took Skype 24 hours to fix the bug, but for a moment, messaging “http://:” (without the quotes) in chat not only made Skype crash in Windows, Android, and iOS, but would immediately crash it again after restarting when Skype downloaded chat history for the server, meaning that clearing the chat history didn’t resolve the issue. This bug trailed on the heels of the iOS glitch discovered last week that caused iPhones to crash when sent a string of characters, though users are far more likely to type in http://: by accident than they are to text the complicated string of Arabic and English characters required to crash iOS devices. Before the fix was in, Skype users could get around the bug by installing an older version of Skype, or having the sender delete the offending message.

— Yael Grauer

Most Macs Vulnerable to Permanent Backdooring

Macs shipped prior to mid-2014 are vulnerable to an exploit that would allow an attacker to permanently control the machine, even if you reinstall OS X or reformat the drive. The vulnerability, discovered by security researcher Pedro Vilaca, allows attackers to install malicious firmware that essentially overwrites the firmware that boots up the machine right after older Macs awake from sleep. The code is installed via one of the many security vulnerabilities found in web browsers such as Safari. One way to avoid this hack is to change your computer’s default setting to deactivate sleep mode. You can also download software to detect whether an attack has taken place, though the software won’t prevent it from happening.

— Yael Grauer

Twitter Just Killed Politwoops

The greatest Twitter account you’ve never heard of is now dead. Politwoops, an online archive of public statements made–and deleted–by U.S. politicians on Twitter, was an online transparency project started in 2012 by the Sunlight Foundation. It was created to provide a record of ways that elected officials sometimes quietly reverse their messaging. Originally, Sunlight had permission to use Twitter’s API for the project, which used a human curation workflow to analyze the tweets. But the social networking service has now reneged, citing the expectation of privacy for all accounts. Sunlight Foundation points out that elected officials shouldn’t share the same expectations of privacy as private citizens do, and that transparency leads to accountability. Now it has one fewer tool to use on that mission.

— Yael Grauer

Now You, Too, Can Track FBI Spy Planes

As you’ve probably heard by now, the FBI is flying spy planes over American cities, and they’re registered to at least 13 fictitious companies. The specific capabilities of these planes are unclear, but they may have high-tech cameras and perhaps even cell-site simulators to scoop up massive amounts of data. Luckily, tracking the planes themselves has proven to be a bit easier than determining their capabilities. L.A.-based technologist John Wiseman used public records requests for flight routes and programmed a radio receiver to intercept airplane transmissions, allowing him to identify planes flying in L.A. in real time. You can do the same, by tapping into a database of 115 spy planes that engineer Brian Abelson created by looking up registration numbers associated with planes owned by FBI front companies, as revealed by the AP. Flight information and history is available on that link, and users can analyze the data set by registering for a free account at Enigma, the data search and discovery platform where Wiseman works.

— Yael Grauer

Source
-
Federal Bureau of Investigation
Counter-terrorism Division and Cyber Crime Division
J. Edgar. Hoover Building Washington DC
JAMES B. COMEY

Attention Beneficiary,

NOTE: If you received this message in your SPAM / BULK folder, it is because of the restrictions imposed by your Mail/Internet Service Provider, we urge you to treat it genuinely because its a legitimate email.

Records show that you are among one of the individuals and organizations who are yet to receive their overdue payment from overseas which includes those of Lottery/Gambling, Contract and Inheritance. Through our Fraud Monitory Unit we have noticed that you have been transacting with some impostors and fraudsters who have been impersonating the likes of Prof. Soludo/Mr.Lamido Sanusi of the Central Bank Of Nigeria, Mr. Patrick Aziza, Bode Williams, Frank, Anderson, none officials of Oceanic Bank, Zenith Banks, Kelvin Young of HSBC, Ben of FedEx, Ibrahim Sule, Dr. Usman Shamsuddeen and some impostors claiming to be The Federal Bureau of Investigation.

The National Central Bureau of Interpol enhanced by the United Nations and Federal Bureau of Investigation have successfully passed a mandate to the current president of Nigeria his Excellency President Good luck Jonathan to boost the exercise of clearing all foreign debts owed to you and other individuals and organizations who have been found not to have receive their Contract Sum, Lottery/Gambling, Inheritance and the likes. Now how would you like to receive your payment? Because we have two method of payment which is by Cheque or by ATM card?

The Cyber Crime Division of the FBI gathered information from the Internet Fraud Complaint Center (IFCC) on how some people have lost outrageous sums of money to these impostors. As a result of this, we hereby advise you to stop communication with any one not referred to you by us.

We have negotiated with the Federal Ministry of Finance that your payment totaling $2,900,000.00(Two Million Nine Hundred Thousand Dollars). will be released to you via a custom pin based ATM card with a maximum withdrawal limit of $10,000 a day which is powered by Visa Card and can be used anywhere in the world where you see a Visa Card Logo on the Automatic Teller Machine (ATM).

We know you might have be thinking how this money was given to you, now listen. We the FBI recover some huge amount of money from Fraudsters we arrested last year and early this year so we the FBI and Internet Fraud Complaint Center (IFCC) in conjunction with the International Monitory Funds (IMF) After the several meeting we held last week we came to an conclusion to share the huge amount of money among those that have been scam for the past few years back and your name and address where selected randomly.

To redeem your funds, you are hereby advised to contact the ATM Card Center via email for their requirement to proceed and procure your Approval of Payment Warrant and Endorsement of your ATM Release Order on your behalf which will cost you $250 Usd only and nothing more as everything else has been taken care of by the Federal Government including taxes, custom paper and clearance duty so all you will ever need to pay is $250.00 only. Do not think this is a also a scam because you have been ask to pay a little amount of fee to redeem your fund.

Dr. Lord Ruben
ATM Card Center Director
Private Email: lordben@usa.com
Text Message Only: +1(315) 889-6367

Do contact Lord Ruben of the ATM Card Center via his contact details above and furnish him with your details as listed below:

FULL NAMES:
DELIVERY ADDRESS FOR ATM CARD
SEX:
DATE OF BIRTH:
OCCUPATION:
TELEPHONE NUMBER:
EMAIL ADDRESS:

On contacting him with your details your file would be updated and he will be sending you the payment information in which you will use in making payment of $250.00 for the procurement of your Approval of Payment Warrant and Endorsement of your ATM CARD Release Order, after which the delivery of your ATM card will be effected to your designated home address without any further delay or extra fee.

JAMES B. COMEY
DIRECTOR
FEDERAL BUREAU OF INVESTIGATION
UNITED STATES DEPARTMENT OF JUSTICE
WASHINGTON, D.C. 20535

Who else has received this email? I think it's because I had been watching that old man on the video camera :) because he had something with "bureau" in his name there. What's going on, I wonder?
-
The St. Louis Federal Reserve today sent a message to those it serves alerting them that in late April 2015 attackers succeeded in hijacking the domain name servers for the institution. The attack redirected Web searches and queries for those seeking a variety of domains run by the government entity to a Web page set up by the attackers in an apparent bid by cybercrooks to hijack online communications of banks and other entities dealing with the regional Fed office.

The communique, shared by an anonymous source, was verified as legitimate by a source at another regional Federal Reserve location.

The notice from the St. Louis Fed stated that “the Federal Reserve Bank of St. Louis has been made aware that on April 24, 2015, computer hackers manipulated routing settings at a domain name service (DNS) vendor used by the St. Louis Fed so that they could automatically redirect some of the Bank’s web traffic that day to rogue webpages they created to simulate the look of the St. Louis Fed’s research.stlouisfed.org website, including webpages for FRED, FRASER, GeoFRED and ALFRED.”

Requests for comment from the St. Louis Fed so far have gone unreturned. It remains unclear what impact, if any, this event has had on the normal day-to-day operations of hundreds of financial institutions that interact with the regional Fed operator.

The advisory noted that “as is common with these kinds of DNS attacks, users who were redirected to one of these phony websites may have been unknowingly exposed to vulnerabilities that the hackers may have put there, such as phishing, malware and access to user names and passwords.”

The statement continues:

“These risks apply to individuals who attempted to access the St. Louis Fed’s research.stlouisfed.org website on April 24, 2015. If you attempted to log into your user account on that date, it is possible that this malicious group may have accessed your user name and password. The St. Louis Fed’s website itself was not compromised.”

According to Wikipedia, the Federal Reserve Economic Data (FRED) is a database maintained by the Research division of the Federal Reserve Bank of St. Louis that has more than 247,000 economic time series from 79 sources. The data can be viewed in graphical and text form or downloaded for import to a database or spreadsheet, and viewed on mobile devices. They cover banking, business/fiscal, consumer price indexes, employment and population, exchange rates, gross domestic product, interest rates, monetary aggregates, producer price indexes, reserves and monetary base, U.S. trade and international transactions, and U.S. financial data.

FRASER stands for the Federal Reserve Archival System for Economic Research, and reportedly contains links to scanned images (PDF format) of historic economic statistical publications, releases, and documents including the annual Economic Report of the President. Coverage starts with the 19th and early 20th century for some economic and banking reports.

According to the Federal Reserve, GeoFred allows authorized users to create, customize, and share geographical maps of data found in FRED.

ALFRED, short for ArchivaL Federal Reserve Economic Data, allows users to retrieve vintage versions of economic data that were available on specific dates in history.

The St. Louis Federal Reserve is one of twelve regional Fed organizations, and serves banks located in all of Arkansas and portions of six other states: Illinois, Indiana, Kentucky, Mississippi, Missouri and Tennessee. According to the reserve’s Web site, it also serves most of eastern Missouri and southern Illinois.

No information is available at this time about the attackers involved in this intrusion, but given the time lag between this event and today’s disclosure it seems likely that it is related to state-sponsored hacking activity from a foreign adversary. If the DNS compromise also waylaid emails to and from the institution, this could be a much bigger deal.

This is likely to be a fast-moving story. More updates as they become available.

Source